Re: [Exim] HTML mail messages

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Jeffrey Goldberg
日付:  
To: Karl Schmidt
CC: exim-users
題目: Re: [Exim] HTML mail messages
[mailed and posted]

On Wed, 28 Mar 2001, Karl Schmidt wrote:

> I'm thinking of writing a perl script that will remove the html header or
> strip out any external references so that the sender will be unaware if the
> email has been viewed.


The reference parser will need to be fairly sophisticated to detect
"external" references only. The spammers are using some remarkably
clever obfuscation.

Also, you will have to catch all Javascript/Active-X portions and just
munge them so that they don't execute.


> Before I start this, I'm wondering if someone else has been down the same
> road, or if there is a better strategy. Any comments?


This kind of thing has been done for procmail

http://www.impsec.org/email-tools/procmail-security.html

But I don't know its details. My ISP (uia.net) uses this (sadly, without
an opt-out mechanism).

Anyway, ideas and general strategies will be gleenable from the above URL,
personally, I'd like to see a system filter that just banned HTML body
parts.

Cheers,

-j

--
Jeffrey Goldberg
I have recently moved, see http://www.goldmark.org/jeff/contact.html
Relativism is the triumph of authority over truth, convention over justice